Vulnerabilities > CVE-2003-1572 - Unspecified vulnerability in SUN JMF

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

sun

critical

nessus

NVD

Published: 2009-06-01

Updated: 2009-06-02

Summary

Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.

Vulnerable Configurations

Part	Description	Count
Application	Sun SUN JMF 2.1.1 SUN JMF 2.1.1A SUN JMF 2.1.1B SUN JMF 2.1.1C	4

Nessus

NASL family	Windows
NASL id	JMF_PRIVS_ESCALATION.NASL
description	The remote host is using Sun Microsystems
last seen	2020-06-01
modified	2020-06-02
plugin id	11635
published	2003-05-19
reporter	This script is Copyright (C) 2003-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/11635
title	Sun Java Media Framework (JMF) Arbitrary Code Execution

Summary

Vulnerable Configurations

Nessus

References